US-based VT San Antonio Aerospace (VT SAA) suffers a data breach affecting over 1.5 TB of sensitive data
VT San Antonio Aerospace (VT SAA) is one of the leading aircraft MRO providers in North America. The company is also a subsidiary of Singapore-based engineering, defense, and technology firm ST Engineering that specializes in marine, land, and aerospace electronics. The company has suffered a huge data breach of over 1.5 TB of sensitive data. VT SAA was hit by a ransomware attack, the group behind the breach is claiming it stole 1.5 terabytes of sensitive organizational data from the company’s network.
The attackers used Maze ransomware operations that helped them to breach into the VT SAA systems. Well, a couple of days ago the same group had leaked sensitive data it stole from a US Nuclear contractor.
A sophisticated group of cybercriminals, known as the Maze group, gained unauthorized access to our network and deployed a ransomware attack.
The Vice president and general manager of the firm, Ed Onwe, stated
According to research, it was found that the system of the VT SAA was breached first in March and the second time in May. The company discovered the data breach because of “renamed files and associated ‘DECRYPT-FILES.txt’ located in the same folder as encrypted files.”
After getting the news of the breach the company soon started to investigate the matter and went on for researching what data was stolen and how they can recover that data. According to a sample provided by the attackers on Dark web and hacking forums, it was found that the data that had been breached may include sensitive data such as project implementation plan details, timelines, schedules, type of parts/equipment, and financial records.
When the attack was discovered, VT SAA immediately responded by taking certain systems offline, initiating investigation with the help of leading forensic advisors, and notifying law enforcement authorities. It has yet to be discovered that exactly what data was breached in the attack.
For more news on Cybersecurity and Tech subscribe to our newsletter from here